Archive for the ‘Backup and Recovery’ Category:

As a healthcare practice you cannot ignore your compliance with the HIPAA Security Rule. HIPAA Security and Privacy Rules were created to protect patients’ protected health information (PHI). HIPAA violations can result in penalties of $100 to $50,000 per violations and total fines can be as much as $1.5 million if the violation is due to willful neglect.

A data breach can be financially costly to your practice and may also impact your patients if PHI lands in the wrong hands. A data breach can as simple as a lost laptop containing patient information.

Being HIPAA compliance is not an easy task but shouldn’t be ignored either. I have listed four steps below to get you started with your HIPAA compliance.

Risk Analysis
A Risk Analysis is the first step towards HIPAA compliance. This is used to discover potential risk and vulnerabilities to the confidentiality and availability of electronic protected health information. The risk analysis should be documented and any discovered vulnerabilities should be addressed. If you have already conducted a risk analysis then review and update yearly.

Implement Administrative, Physical and Technical Safeguards
There are certain safeguards that need to be implemented by covered entities to protect PHI. The safeguards are broken down into there types (Administrative, Physical and Technical). Some safeguards are required and some are addressable. All the required safeguards need to be implemented, if you choose not to implement the addressable safeguards then you need document why not.

Employee Training
Most HIPAA violations are caused by employee negligence. HIPAA safeguards require you train your employees, send occasional security reminders and monitor you employees to make sure there are not causing HIPAA violations.

Business Associate Agreement
If you employ any company/contractor that has access to PHI, then they are considered business associates.
You need to have a Business Associate Agreement in place that requires them to comply with HIPAA Security rule. A business associate agreement can potentially protect your practice from HIPAA violation caused by the business associate.

The steps listed above should only be considered as a starting point towards your HIPAA compliance. HIPAA compliance is an ongoing process that needs to be constantly monitored and reviewed to fit your practice.

As a small business owner, your most important asset is your business data. It is literally the life blood of your business especially if you have been in business for a while. Hardware failures and natural disasters happen more often than you realize and you have to be able to recover from them as fast as possible.

Backing up your business data gives you the ability to recover from disaster and keeps you in business. I usually tell my clients to think of data backup like their home or rental insurance. You might never have to use but you will be happy you have it if the situation ever arises. There are different forms of data backup you can implement for your business.

Local Data Backup
This is the simplest and oldest form of data backup. It could be as simple as backing up to an external hard drive or USB stick or implementing a full tape backup system. This is also the fastest form of data backup; you can backup as much data and as often as you want. You are only limited by the size of your backup device. Every business should at least implement something as simple as this. The major downside of a local backup is the safety of the local device in the event of theft, disaster or failure.

Online/Cloud Data Backup
With cloud backup another company handles the transmission and storage of your data. Your data is backed up to the hard drives of the company providing the service. The data is transmitted to the company over the internet and it is encrypted during transmission and at rest. Your data is always secure in the cloud no matter what happens at your place of business. The major disadvantage of cloud backup is the speed of data backup and recovery. This is usually not a problem when you are backing up your data but restoring your data can take days depending on the size of your data and speed of your internet connection.

Hybrid Data Backup
Hybrid data backup gives you the best features of the other two forms of backup and also stores your data in multiple places so you are more protected. It gives you the speed of a local backup and the safety of a cloud backup. You get a storage device that data is constantly backed up locally and later uploaded to the cloud. This is currently the form of backup we recommend to our client. We can even bring up a copy of your server in cloud within minutes so you be back in business in the event of a disaster.

Whatever form of backup you employ, it is only as good as the data recovery. The only way you can guarantee your data recovery is through testing. We schedule monthly data recovery test for our clients. This guarantees we can readily restore the data if needed. The worst thing that can happen is to find out your backup has not been working when you need it.

Are you on the fence about outsourcing your technology service to an IT service provider? Businesses small and large are taking this step because of the benefits listed below:

Cost Savings: You pay the IT service company a fraction of the cost of an in-house IT employee or department. The annual salary of a full-time IT employee is between ($50,000 and $65,000), add in the cost of benefits and training, factor in that the IT employee may not be 100% utilized and the cost of bringing in a contractor when he/she goes on vacation. The cost of an in-house IT employee can easily add up $100,000. You can outsource your IT department for less than 10% of the overall cost of hiring an IT employee. You eventually pass on this cost savings to your customers which makes you more competitive in your market.

Focus on Core Business: Having someone else focus on your technology service and needs frees you up to focus on your core business and grow your business. You started your business to provide a service to your customers and not to spend time worrying and fixing your technology. The IT service company do what they do best so your can do what you do best.

Enterprise Scale IT: As a small business, you may not have the technological resources of larger companies. The technology of an IT service provider can rival or surpass that of larger organization. This is because they support a variety companies and use the latest and best technology for their clients. This brings your technology to the same level as larger companies and only pass on a fraction of the cost to you.

Experienced and knowledgeable Technology Adviser: Your IT service provider is already aware of the ins and outs of your IT infrastructure. They understand your needs and are aware of the right solutions that will benefit your business. They manage your other technology vendors and speak “geek” to them so you don’t have to. They are always a phone call away and can provide consulting services at a discounted rate when compared to other companies.

Contact us today when you want to outsource your IT service, we look forward to being your business partner.